Материалы по теме 'Dependabot' | DevsDay.ru

IT-блоги Материалы по теме 'Dependabot'

IT-блоги Материалы по теме 'Dependabot'


Разработка The GitHub Blog 1 июля 2022 г. 17:00

New Actions from Anchore, NowSecure, SBT, and Trivy are now available to create a more comprehensive GitHub Dependency Graph.... читать далее

Security GitHub Actions

Разработка The GitHub Blog 1 июля 2022 г. 15:22

Can projects and GitHub Actions be used by your non-developer teams? They absolutely can. Check out how our Security Team uses GitHub to run the department effortlessly.... читать далее

Company Product Security GitHub Actions GitHub Issues

Разработка The GitHub Blog 27 июня 2022 г. 20:24

We’re excited to announce that the GitHub Advisory Database now includes curated security advisories on Erlang, Elixir, and more.... читать далее

Company Security

Разработка The GitHub Blog 17 июня 2022 г. 19:00

Expand the completeness of your dependency graph by using the dependency submission API, which will create more comprehensive alerts on supply chain vulnerabilities... читать далее

Product Security Dependabot

Разработка The GitHub Blog 15 июня 2022 г. 15:46

To combat the prevalence of malware in the open source ecosystem, GitHub now publishes malware occurrences in the GitHub Advisory Database. These advisories power Dependabot alerts and remain forever free and usable by the community.... читать далее

Security Dependabot supply chain security

Разработка The GitHub Blog 9 июня 2022 г. 20:47

Dependabot is generally available in GitHub Enterprise Server 3.5. Here is how to set up Dependabot on your instance.... читать далее

Enterprise Dependabot supply chain security

Разработка The GitHub Blog 6 июня 2022 г. 10:15

The Rust community can now discover, report, and prevent security vulnerabilities.... читать далее

Product Security supply chain security

Разработка The GitHub Blog 31 мая 2022 г. 16:36

GitHub Enterprise Server 3.5 is available now, including access to the Container registry, the addition of Dependabot, enhanced administrator capabilities, and features for GitHub Advanced Security.... читать далее

Enterprise Product Security Dependabot GitHub Actions GitHub Advanced Security GitHub Enterprise Server GitHub Packages

Разработка The GitHub Blog 25 мая 2022 г. 22:22

A two-part story about how GitHub’s Product Security Engineering team rolled out Dependabot internally to track vulnerable dependencies, and how GitHub tracks and prioritizes technical debt.... читать далее

Enterprise Security Dependabot

Разработка The GitHub Blog 16 мая 2022 г. 22:29

The innersource contribution percentage is the rate of contributions from people outside the team that originally authored the software. Let’s dive into what it can look like for your organization.... читать далее

Enterprise innersource

Разработка The GitHub Blog 6 мая 2022 г. 15:52

We're taking a look at some of the most common security vulnerabilities and detailing how developers can best protect themselves.... читать далее

Product Security code scanning Dependabot GitHub Security Lab

Разработка The GitHub Blog 28 апреля 2022 г. 15:55

These days software is subject to an ever-changing threat landscape. Check out the many ways you can keep your projects secure on GitHub today.... читать далее

Product Security supply chain security

Разработка The GitHub Blog 22 апреля 2022 г. 14:59

From plug-and-play automations to protected branches, here are simple ways any developer can build more secure software on GitHub—all with a free account.... читать далее

Product Security CodeQL Dependabot GitHub Actions

Разработка The GitHub Blog 14 апреля 2022 г. 16:30

Today, we're shipping a new feature for Dependabot alerts which helps you better understand how you're affected by a vulnerability.... читать далее

Open Source Product Security Dependabot supply chain security

Разработка The GitHub Blog 6 апреля 2022 г. 18:13

The new dependency review action and API prevents the introduction of known supply chain vulnerabilities into your code.... читать далее

Engineering Product GitHub Actions supply chain security

Разработка The GitHub Blog 6 апреля 2022 г. 15:55

We want to take away the pain and effort of keeping your code secure, so check out how Dependabot empowers developers to keep to their projects secure.... читать далее

Product Security Dependabot supply chain security

Разработка The GitHub Blog 4 апреля 2022 г. 17:57

Organizations with GitHub Advanced Security can now proactively protect against secret leaks with secret scanning’s new push protection feature.... читать далее

Enterprise Security GitHub Advanced Security Secret Scanning